Free Games

• Microsoft

  • Batman: The Enemy Within

    • 2017
    • Episodic adventure game in classic Telltale Games fashion, and a sequel to 2016’s Batman: The Telltale Series, it features the usual branching narrative and choices carrying over from the previous title

  • Shantae: Half-Genie Hero

    • 2016
    • The fourth game in the Shantae series, and the first full HD title, it’s a cute platformer with metroidvania elements that has you transforming into different animals to access new areas

  • Castlevania: Lords of Shadow 2

    • 2014
    • An action-adventure sequel to the 2010 Castlevania: Lords of Shadow, you play a weakened Dracula on a quest through medieval and modern worlds to defeat Satan

  • Sonic Generations

    • 2011
    • Produced for the 20th anniversary of Sonic the Hedgehog, and featuring both classic sidescrolling and full 3D levels, it follows Sonic and Tails as they team up with their past selves to stop an evil entity from erasing time itself

• Sony

  • Shadow of the Colossus

    • 2018 remake of the 2005 PS2 game
    • Beautiful action-adventure game that has you exploring a vast expanse on horseback to defeat the 16 colossi to restore the life of a girl, it’s minimalist in that there are no towns to explore, characters to interact with, or enemies to defeat other than the colossi

  • Sonic Forces

    • 2017
    • Platformer published for Sonic’s 25th anniversary, it features both classic side-scrolling and modern 3D Sonic gameplay, as well as a mode featuring custom characters inspired by fanart over the years
    • This one caught some flack for being released after the success of Sonic Mania

• Epic

  • InnerSpace

    • 2018
    • Adventure game inspired by Journey and Grow Home that has you soaring through the sky and diving into the ocean in search of the ancient gods of the Inverse, a realm of inside-out planets

Google’s strange stance on the ToTok messaging app malware is making a lot of people suspicious

• ToTok first hit as a popular social messaging app receiving millions of downloads from the Play and App Stores combined, with the iOS app alone having more than 32,000 reviews
• Then late last year both Google and Apple removed the app from their app stores after US intelligence officials found it was a tool for spying by the United Arab Emirates government
  • They told the New York times that the UAE was trying to track “every conversation, movement, relationship, appointment, sound, and image of those who install it on their phones.”
  • An independent analysis of the iOS and macOS apps confirmed that, if you gave it permission to access your contacts, it did in fact collect entire address books and send them back to head office
  • Not to mention the fact that all in-app communications would be readily accessible to the developers if they so choose
• Then a week later, Google put it right back with no explanation
• And then this week they removed it from the Play Store a second time, again with no explanation
• Finally, over the last few days Google’s Play Protect app scanning service started showing the warning “This app tries to spy on your personal data, such as SMS messages, photos, audio recordings, or call history. Even if you have heard of this app or the app developer, this version of the app could harm your device.”
  • The message then gives you two options, either Uninstall or Keep App (Unsafe)
• That back-and-forth, especially with them not telling users exactly what they know about the app, has people scratching their heads
  • Some are even speculating there may have been some insider on the app approval team that tried to sneak it back in

Slickwraps customers were treated some conflicting information about their privacy this week, but the bullet point here is that the company has been breached

• Earlier this week the whitehat hacker and cybersecurity consultant known as Lynx posted a full breakdown of exactly how they hacked Slickwraps’ website and, by extension, their internal systems
  • Basically it looks like the case customization feature, that lets you upload a photo to make a custom decal, allowed users to upload any file to any location on the webserver
  • That allowed access to the full contents of the server, including employee resumes and 9GB of customer photos (which, of course, included nudes)
  • From there Lynx got into configuration files, leading to their entire database including customer addresses, emails, phone numbers, and transaction histories
    • As a bonus they also got access to Slickwraps’ admin accounts and credentials for their payment partners, admin accounts, social media, and help desk
  • Basically, at this point Lynx owned Slickwraps’ entire digital infrastructure
  • Now you might ask, why did they post this info publicly? Well apparently they tried to contact support subtly on Twitter, directly through the support portal, and then no subtly by adding a page to their website saying “Lynx was here” and tweeting it to their support account
    • The company’s response, apparently, was to block Lynx on Twitter and, according to Lync, try to erase the data breach from their logs and reset passwords, even reinstalling their whole eCommerce platform, without actually closing the hole in their security
  • Days afterward they continued to ignore Lynx, even after other unscrupulous activity could be seen going on as other hackers caught wind of the vulnerability
  • Eventually the company messaged Lynx asking if they were looking for a bounty. Lynx replied, saying they didn’t want anything but for Slickwraps to notify their users of the breach as they’re required to do as part of European data privacy laws, which they were already in breach of since it took them so long after first contact to do anything
    • Then things got a little dark, with Lynx threatening that if Slickwraps didn’t contact customers they would do it themselves and potentially leak the entire database of information
    • The response? “Why are you doing this?”, followed up by “Are you able to help?” and “We are just the social team, btw and done via a 3rd party”
    • So Lynx did what they perhaps should have done in the first place- they found the CEO’s email in the Slickwraps database and emailed him, telling him to check the messages
    • Shortly afterward, Lynx was once more blocked. So days after first contact they gave up and published their findings
• Eventually Slickwraps did sent out a notification on February 21st, 6 days after the initial hack, saying “On February 22nd, we discovered information in some of our non-production databases was mistakenly made public via an exploit. During this time, the databases were accessed by an unauthorized party.” and claiming to have closed the databases in question
  • The timeline here is a little suspect, as well as the claim that it was non-production databases accessed rather than their entire infrastructure
  • It was also sent to a lot fewer users than were actually exposed- other whitehats sent out emails to the entire database details what happened, including each customer’s name and physical address as evidence, and there are many reports online of people receiving this email and not the official one
• There’s also the fact that at this point, depending on how far Slickwraps has come in actually addressing the issue, I would avoid their website since who knows what malware or other surprises people have snuck into place
• But there is good news here- no passwords or financial data were leaked, and if you checked out as Guest instead of creating an account you’re completely safe
• People that have been affected will need to be on the lookout for more targeted phishing attacks though, as a lot of identifying information is out in the wild now
• If you want to see if you’re affected you can punch your email address into haveibeenpwned.com to see a list of data breaches that include your information

Having fun with MTG Commander again

• Thanks to my friend Cam for inviting me to his MTG night
• Cam helped pick out some mean cards for my Mogis Commander deck
  • Here are some Highlights:
  • Mogis, God of Slaughter
    • For reference my commander, when on the field causes my opponent to sacrifice a creature or take 2 damage every upkeep
  • Dictate of the Twin Gods, 5 mana Enchantment
    • If a source would deal damage to a permanent or player, it deals double dame to that permanent or player instead.
  • Painful Quandry, 5 mana Enchantment
    • Whenever an opponent casts a spell, that player loses 5 life unless he or she discards a card
  • Ob Nixilis, Unshackled, 6 mana Legendary Creature, 4/4
    • Flying, Trample
    • Whenever an opponent searches his or her library, that player sacrifices a creature and loses 10 life.
    • Whenever another creature dies, put a +1/+1 on this creature
  • God-Pharoh’s Statue, 6 mana Legendary Artifact
    • Spells your opponents cast cost 2 more to cast
    • At the beginning of your end step, each opponent loses 1 life
  • Hour of Devastation, 5 mana Sorcery
    • All creatures lose indestructible until end of turn.
    • Hour of Devastation deals 5 damage to each creature and non-Bolas planeswalker
  • Fraying Omnipotence, 5 mana Sorcery
    • Each player loses half their life, then discards half the cards in their hand, then sacrifices half the creatures they control.
    • Round up.
  • Dingus Staff, 4 mana Artifact
    • Whenever a creature is put into any graveyard from play, Dingus Staff deals 2 damage to that creatures contoller

Overwatch Experimental 1-3-2

• There is a new tab when selecting your game called Experimental.
  • It is reserved for radically different tests, that are not meant to roll into the game, which is why they aren’t seen exclusively on the Public Test Realm.
• The first is a test to change the dynamic of team play to have one tank, three damage and two support.
  • To make one tank more viable, here are the interesting changes made to the Tank Heroes.

• D.Va

  • Health
    • Still 600, but adjusted to have 200 more armor
  • Defense Matrix
    • Lasts twice as long, now 4 seconds
  • Fusion Cannons, primary fire
    • Now only reduce movement speed by 30% instead of 50%

• Orisa

  • Protective Barrier
    • Cooldown reduced from 10 seconds to 8
    • Barrier health increased to 900

• Reinhardt

  • Health
    • Still 500, adjusted to have 100 more armor
  • Rocket Hammer, primary fire
    • Damage increased from 75 to 90
  • Barrier Field
    • Regeneration increased from 200 to 250 per second

• Roadhog

  • Take A Breather
    • In addition to regular effect, leaves a cloud when used.
    • The cloud heals all allies for 25 health per second and provides 25% damage reduction
  • Chain Hook
    • Reduced from 8 to 6 seconds
  • Scrap Gun, primary fire
    • Damage per pellet reduced from 6 to 5 (150 damage per shot down to 125 damage)
  • Whole Hog
    • Cost increased by 15%

• Sigma

  • Experimental Barrier
    • Regeneration rate increased from 120 to 200 per second
    • Barrier health increased from 900 to 1200

• Winston

  • Health
    • Armor health pool increased from 100 to 200 (Total health is now 600)
  • Barrier Projector
    • Cooldown reduced from 13 seconds to 10 seconds

• Zarya

  • Health and Energy
    • Shields health pool increased from 200 to 300. (Total health is now 500)
    • Maximum energy gain per barrier decreased from 40 to 30
  • Particle Cannon, primary fire
    • Maximum primary fire damage per second reduced from 170 to 140
  • Particle Cannon, secondary fire
    • Maximum secondary fire damage reduced from 95 to 80
  • Particle Barrier (Self)
    • Cooldown decreased from 10 seconds to 8 seconds
  • Particle Barrier (Ally)
    • Now creates barriers on all allies within 8 meters of your target
    • Duration increased from 2 seconds to 3 seconds

Tidbits

• Apple’s taking some heat this week for their Mac Pro option that changes its solid feet to a set of wheels
  • The $400 upgrade doesn’t offer any way to lock the wheels, so while it could be decent on the floor it would be a terrible idea to put it on a table or desk
• In a pretty confusing turn of events, the popular mobile game Plague Inc has been pulled from the iOS App Store in China because authorities say it “includes content that is illegal in China”
  • The strangest part is that it’s been available for years, so the best guess is that it has something to do with the COVID-19 coronavirus, but that still doesn’t really map
• The United States FTC has announced that it’s sending out refund cheques to people who fell victim to tech support scams
  • The agency will be sending out a total of $1.7M, averaging $30 each, to users tricked into paying for fake tech support from companies like Click4Support
• Samsung users got a surprise last week, receiving Find My Phone notifications that just said “1”
  • Apparently the alert was an accident- basically someone pressed a button they didn’t mean to and set out the mass notification during an internal test
  • Some users also noticed an odd spike in the app’s battery usage, with no explanation
• Director Rian Johnson shared some interesting info in a Vanity Fair interview this week- Apple lets you use iPhone in movies, but the bad guys cannot have iPhones on camera